<?php
    require_once ("Includes/session.php");
    require_once ("Includes/simplecms-config.php"); 
    require_once ("Includes/connectDB.php");
    require_once("conf.php");   
    include("Includes/header.php"); 
    //check if admin
    confirm_is_admin();//this should be enough

?>

<?php
    if(isset($_POST['Add']))
    {
        $EName = trim($_POST['signID']);
        if(empty($EName))
        {
            echo "<script type='text/javascript'>alert('Invalid Exam name')</script>";
        }
        else
        {
            if ($_FILES['image']['error'])
            { 
                switch ($_FILES['image']['error'])
                { 
                    case 1: 
                        echo "<script type='text/javascript'>alert('File exceeded upload max filesize')</script>"; 
                    break;
                    case 2: 
                        echo "<script type='text/javascript'>alert('File exceeded maximum file size')</script>"; 
                    break; 
                    case 3: 
                        echo "<script type='text/javascript'>alert('File only partially uploaded')</script>"; 
                    break; 
                    case 4: 
                        echo "<script type='text/javascript'>alert('No file uploaded')</script>";
                    break; 
                    case 6: 
                        echo "<script type='text/javascript'>alert('Cannot upload file: No temp directory specified')</script>";
                    break; 
                    case 7: 
                        echo "<script type='text/javascript'>alert('Cannot write file to disk')</script>";
                    break; 
                } 
                exit; 
            }
            if ($_FILES['image']['type'] != 'image/png') 
            { 
                echo "<script type='text/javascript'>alert('Problem: file is not an image')</script>";
                exit; 
            }
     
            $upfile= 'uploads/'.$EName .'.png'; 
            if (is_uploaded_file($_FILES['image']['tmp_name'])) 
            { 
                if (!move_uploaded_file($_FILES['image']['tmp_name'], $upfile))
                { 
                    echo "<script type='text/javascript'>alert('Problem: Could not move file to destination directory')</script>";
                    exit; 
                } 
            }
            else 
            { 
                echo "<script type='text/javascript'>alert('Problem: Possible file upload attack.')</script>";
                exit; 
            } 

            //echo "<script type='text/javascript'>alert('File uploaded successfully')</script>";
            $image = file_get_contents($upfile); 

            $imgCode = '<img src="' . $upfile . '" />';
            $query1 = "INSERT INTO signs (number,imgCode) VALUES (?, ?)";

            $statement = $databaseConnection->prepare($query1);
            $statement->bind_param('ss', $EName, $imgCode);
            
            $statement->execute();
            $statement->store_result();
            $creationWasSuccessful = $statement->affected_rows == 1 ? true : false;
            if ($creationWasSuccessful)
            {
                echo "<script type='text/javascript'>alert('Creation Successful')</script>";
            }
            else
            {
                if($statement->errno == 1062 )//duplicate key
                    echo "<script type='text/javascript'>alert('A sign with the same title exists!')</script>";
                else
                    echo "<script type='text/javascript'>alert('An Error occured !')</script>";
                //echo "<script type='text/javascript'>alert(\""."Insert Failed:  " . $statement ->errno ."\")</script>";//debug code
            }
        }
        

        //$contents = strip_tags($contents); 
        //file_put_contents($_FILES['image']['name'], $contents);
        //echo '<p>Preview of uploaded file contents:<br/><hr/>'; 
        //echo nl2br($contents); 
        //echo '<br/><hr/>';
    }
?>


        <div id="add" style="width: 30%; height: 500px;margin-right: 5%;">
            <h2>Add Signs</h2>
                <form action="add_Signs.php" method="post" enctype="multipart/form-data">
                    <fieldset>
                    <legend>Add a Sign</legend>
                    <ol>
                        <li>
                            <label for="signID">Number:</label> 
                            <input type="text" name="signID" id="signID" required="" />
                        </li>
                        <li>
                            <label for="image">Image:</label> 
                            <input type="file" name="image" id="image" required="" />
                            
                        </li>
                    </ol>
                    <input type="submit" name="Add" value="Add" />
                    <p>
                        <a href="Admin_Questions.php">Cancel</a>
                        <input type="hidden" name="MAX_FILE_SIZE" value="1000000" />
                    </p>
                </fieldset>
            </form>
        </div>

</div>

<?php include ("Includes/footer.php"); ?>